What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Checkpoint 2016-05-25 16:57:39 Hack In The Box: Malware Disguises Itself To Infiltrate Your Device (direct link) No user would intentionally allow malware onto a mobile device, so it's obvious why malicious apps disguise themselves to trick users into inviting them in. In many cases, malware tries to persuade the user into going even further by asking for various permissions that can enable malicious actions. Malware tries to do as much damage […]
Checkpoint 2016-05-24 19:00:26 TeslaCrypt Ransomware Shuts Down: One Down, Plenty to Go (direct link) In a surprising turn of events, the creators of the notorious TeslaCrypt ransomware shut down their operation and revealed the master key for decrypting all files. They even said they are sorry, as displayed in the image below. Figure 1: TeslaCrypt Shut Down Message The motive behind this step remains unclear. The attackers could […] Tesla
Checkpoint 2016-05-24 13:00:58 The Scripting Threat: How Admin Tools Became Dominant in the Malware Attack Lifecycle (direct link) Malware have increasingly adopted scripts as a major technique, replacing file-based execution. This transition took place mainly to avoid signature-based detection employed by many security vendors. To understand how this is achieved, one must first understand what scripting really is. Scripting languages are programs that support automated execution of tasks, which could be executed manually […]
Checkpoint 2016-05-20 19:00:50 In The Wild: Malware in Google Play is as Prevalent and Pesky as Ever (direct link) Not a week passes without new malware found on Google Play and this week was no different. Among the malware found are both new and old samples, including a known malicious banker and a new type of malware making its first appearance on Google Play. Also, Google has patched more vulnerabilities, which is no coincidence […]
Checkpoint 2016-05-20 16:00:34 Spear Phishing 2.0 Adds Social Engineering & VM Evasion (direct link) Spear phishing attacks are a rising threat faced by organizations. These well-planned attacks can deceive even the most cautious users. Unlike old-fashioned mass phishing attempts, these attacks are directed at specific individuals or companies and are tailor-made to fit their target. Used for a wide variety of reasons from stealing personal information or credentials to […]
Checkpoint 2016-05-19 15:00:00 Everyday Malware Poses a Risk to Critical Infrastructure (direct link) Many people believe that only state-sponsored attacks can endanger critical infrastructure. They claim that such elaborate malware capable of targeting the inner workings of Industrial Control Systems (ICS) are not the work of simple hackers. This flawed perception completely disregards the fact that ICS can fall victim to the most banal malware – and in […]
Checkpoint 2016-05-18 15:52:35 Hack In The Box: How Attackers Manipulate Root Access and Configuration Changes (direct link) Securing iOS and Android smartphones and tablets is still a relatively new concept. Taking control of a mobile device was once considered an unlikely threat because it was hard to do. However, malware has moved forward, making attacks a more imminent threat. One of the causes for this is malware's advances in attack capabilities. Technical […]
Checkpoint 2016-05-17 18:35:27 Inside Nuclear's Core: Unraveling a Ransomware-as-a-Service Infrastructure (direct link) The Check Point Research team has uncovered the entire operation of one of the world's largest attack infrastructures. Exploit Kits are a major part of the Malware-as-a-Service industry, which facilitate the execution of ransomware and banking trojans, among others. Their creators rent them to cybercriminals who use them to attack unsuspecting users. Nuclear is one of the […]
Checkpoint 2016-05-17 14:00:53 Introducing Check Point SandBlast™ Cloud (direct link) The increasing adoption of cloud-based email tools such as Microsoft Office 365™ allows businesses to efficiently communicate and collaborate, without investing resources in managing and maintaining their own dedicated IT infrastructure. However, the shift to cloud-based tools also brings with it an array of security risks, including sophisticated attacks like spear-phishing and ransomware that use […]
Checkpoint 2016-05-12 17:15:07 The Notorious TeslaCrypt V3 Ransomware: A Comprehensive Analysis (direct link) As the current wave of ransomware rages on, one stands out in its ability to adapt: TeslaCrypt. Although it emerged only in 2015, we are currently witnessing the malware's third generation. Since its debut, it has transformed itself, fixing its flaws and vastly improving its ability to evade detection. It has also expanded its distribution […] Tesla
Checkpoint 2016-05-12 16:53:08 (Déjà vu) Hack In The Box: System Vulnerabilities Can Leave Mobile Devices Exposed (direct link) System vulnerabilities are a major threat facing users and enterprises today, and these need to be remedied thoughtfully. Since these vulnerabilities don't require social engineering schemes to become exposed, and because they have an alarmingly high success rate, they are also one of the easiest ways to attack Android and iOS devices. The constant release […]
Checkpoint 2016-05-09 19:00:30 Viking Horde: A New Type of Android Malware on Google Play (direct link) The Check Point research team uncovered a new Android malware campaign on Google Play it calls Viking Horde. Viking Horde conducts ad fraud, but can also be used for other attack purposes such as DDoS attacks, spam messages, and more. At least five instances of Viking Horde managed to bypass Google Play malware scans so […]
Checkpoint 2016-05-06 18:24:23 (Déjà vu) In The Wild: Mobile Malware Follows in the Steps of its PC Cousins (direct link) Mobile Security Observations from the Check Point Research Team Mobile malware is still a growing phenomenon and, in many cases, follows the lead set by predecessors in the PC world. This week the Check Point research team encountered different mobile malware that adopted techniques previously known only in the PC world. This is not a […] Guideline
Checkpoint 2016-05-05 14:30:00 The Unknown Threats Will Get You, Every Time (direct link) Craig Dunaway didn’t see it coming. His company, restaurant chain Penn Station, had done everything possible to secure its sensitive data and that of its customers. Even still, Dunaway, the president of Penn Station, would learn in 2012 about an unusual security breach. Malware secretly uploaded to Penn Station’s network had been stealing credit card […]
Checkpoint 2016-05-04 18:27:28 Hacking Elections (direct link) There are many different motives for hacking an organization. Most attacks are categorized as cybercrime, and this involves credential theft, ransomware or any form of financially motivated attacks. Another form of cyber attacks are classified as cyber espionage and include state espionage and spouse tracking, for example. Cyber war is another motive for attacks, mostly […]
Checkpoint 2016-05-02 14:00:21 A New Approach to Security (direct link) Changing with the times is frequently overlooked when it comes to data center security. Technology is becoming increasingly dynamic, but most data centers are still using archaic security measures to protect their network which isn't going to stand a chance against today's sophisticated attacks. Recent efforts to upgrade these massive security systems are still falling […]
Checkpoint 2016-04-29 15:02:54 In The Wild: Breaking Mobile Security Paradigms… Again (direct link) Security researchers have shattered the mobile security paradigm once again. They've managed to bypass Android two-factor authentication, and iOS is proven vulnerable again both to exploits and malware. It has become very clear: traditional defenses are simply not enough. Users must implement advanced measures to stay safe. Two Factor Authentication Bypass: There’s No Place to Hide […]
Checkpoint 2016-04-28 15:05:35 (Déjà vu) Marcher Marches On: The Anatomy of a Banker Malware (direct link) Not very often do we have the chance to observe the full flow of an attack. Usually, we can analyze the malware itself and, in some cases, we manage to identify the infiltration vector. But today we're laying out the full attack flow of the infamous Marcher mobile banker malware. Overview The Marcher banker malware […]
Checkpoint 2016-04-26 16:00:55 Check Point Threat Alert: CryptXXX Ransomware (direct link) CryptXXX ransomware has been observed in the wild as of March 2016, delivered via the Angler Exploit Kit and spread through the Bedep trojan. The ransomware is demanding a $500 ransom to be paid in order to recover the encrypted files on a machine, and provides the victim the possibility to decrypt one file for […]
Checkpoint 2016-04-26 14:00:44 Digging Deeper: How Ransomware and Malware use Microsoft Windows' Known Binaries (direct link) Since Windows 7 is the most popular operating system (OS) among PCs, many malware choose to target it. Malware often do so by using Windows' very own artifacts. During 2015, Windows artifacts were increasingly abused for malicious operations. For attackers, this is an effective technique, since these artifacts are always present in a Windows environment. […]
Checkpoint 2016-04-25 15:00:27 (Déjà vu) Android Security 2015 Year In Review: What Isn’t Google Telling You? (direct link) For the second year in a row, Google released its annual report which details “how Google Services protect the Android ecosystem.” On the surface, the Android Security 2015 Year In Review is a compelling argument for how Google's advances in mobile security give users greater confidence that Android can protect sensitive data on smartphones and tablets. […]
Checkpoint 2016-04-22 14:47:07 (Déjà vu) In The Wild: Google Can't Close the Door on Android Malware (direct link) Mobile Security Observations from the Check Point Research Team After its presentations about “SideStepper” and trends in mobile attacks in BlackHat Asia, the Check Point mobile research team wasn't surprised to find that the trends it pointed out continue. Google Play has been infiltrated by malware yet again, and as our colleague Avi Bashan pointed […]
Checkpoint 2016-04-21 18:02:36 Forrester Names Check Point a 'Leader' in Automated Malware Analysis (direct link) Organizations are facing the latest variants of sophisticated malware every day, and it is evident that traditional solutions are no longer effective in detecting and stopping these new threats. At Check Point, we continuously strive to deliver advanced security solutions that protect businesses against known, unknown and zero-day attacks. That is why we are pleased […]
Checkpoint 2016-04-20 22:00:41 Top 4 Ways Employees Compromise their Corporate Data via Cloud Services (direct link) Recent research by Gartner showed that “Through 2020, 95% of cloud security breaches will be the customer's fault.” Massive cloud adoption by enterprises has given rise to a shared responsibility approach in securing cloud usage, where the service provider undertakes the responsibility of the infrastructure and the customer takes responsibility of the users, content and […]
Checkpoint 2016-04-20 17:11:27 Inside Nuclear's Core: Analyzing the Nuclear Exploit Kit Infrastructure (direct link) Malware use different methods to propagate. Exploit kits (EKs) have been one of the most common platforms for infecting end-users in the past few years. While there are several different EKs out in the wild, there are a few that stand out. One of these is the Nuclear Exploit Kit, which was introduced in 2010. As […]
Checkpoint 2016-04-19 04:00:47 Unleash the Power of Security for Businesses of All Sizes (direct link) When we introduced the 15000 and 23000 series appliances in January, giving our large enterprise and data center network customers a giant step ahead of cyber threats and malware, it raised a logical question: what about businesses of other sizes and their networks? After all, smaller organizations and branch offices are ripe targets for cybercriminals […]
Checkpoint 2016-04-15 18:36:33 KOVTER RANSOMWARE – THE EVOLUTION: From Police Scareware to Click Frauds and then to Ransomware (direct link) In terms of cyber security research, the Kovter malware family is very interesting. A wide-spread malware found in different parts of the cyber landscape, Kovter underwent extensive changes both in its purpose and in the methods it uses. During 2013, Kovter acted as a police ransomware. In 2014 and 2015, it conducted “click fraud” attacks. […]
Checkpoint 2016-04-13 14:00:48 The Next Battleground – Critical Infrastructure (direct link) Cyber threats have dramatically developed throughout the years. From simple worms to viruses, and finally to advanced Trojan horses and malware. But the forms of these threats are not the only things that have evolved. Attacks are targeting a wider range of platforms. They have moved from the PC to the Mobile world, and are […]
Checkpoint 2016-04-13 13:52:16 Check Point Threat Alert: Badlock Vulnerability (direct link) EXECUTIVE SUMMARY An elevation-of-privilege vulnerability exists in Microsoft Windows and the Samba interoperability suite for Linux & UNIX. Attackers could launch a man-in-the-middle-attack and downgrade the authentication level of DCE/RPC channels, allowing them to impersonate authenticated users. Check Point's latest IPS update protects against this vulnerability with the “Microsoft Windows RPC Authentication Downgrade (MS16-047)” protection. […]
Checkpoint 2016-04-12 14:00:24 New Technologies Pose New Threats (direct link) Technology has changed our lives for the better; there is no doubt about it. However, it also introduced various risks into them. In fact, this is one of the most interesting things about technology: its effect depends on the people behind it. Sadly, alongside inspiring figures who move technology, and the world forward, there is […]
Checkpoint 2016-04-11 18:59:58 Decrypting the Petya Ransomware (direct link) Petya is a relatively new ransomware variant that first appeared on the cyber-crime scene at the beginning of 2016. While Petya doesn't have an impressive infection rate like other ransomware such as CryptoWall or TeslaCrypt, it was immediately flagged as the next step in ransomware evolution. Petya's developers were not content with merely encrypting all […] Tesla
Checkpoint 2016-04-11 18:59:15 New Locky Variant Implements Evasion Techniques (direct link) Following Check Point's recent discovery of a new communication scheme implemented by the Locky ransomware, our research teams decided to take a closer look at the inner workings of this new variant and map any new features it introduces. When Locky first appeared, we thoroughly analyzed its logic, like many other industry researchers. Our analysis […]
Checkpoint 2016-04-11 14:00:44 Security Management for Critical Infrastructure Environments (direct link) The mission of protecting industrial control systems (ICS) is so vital that it cannot be left to just any security solution. Every day we expect water to flow from our faucets, our lights and electricity to work and traffic lights to move traffic along quickly and efficiently. Interruptions in any of these essential systems, even […]
Checkpoint 2016-04-08 23:37:38 Malvertising: When Advertising Becomes Dangerous (direct link) Over the last several months, the BBC, the New York Times, and other major news and commercial websites became victims of Malvertising attacks. What exactly is Malvertising? To understand this type of attack, we must go back to the malware basics. One of the most prominent ways malware spreads is by infecting websites and delivering […]
Checkpoint 2016-04-08 16:28:33 (Déjà vu) Qihoo 360: Just the Tip of the Whitelisted Malware Iceberg (direct link) The Check Point Mobile Threat Prevention team has long stressed how dangerous it can be to get apps from sources other than the Apple App Store and Google Play. Even with well-known third-party app stores the problem of security has become more obvious than ever. A great example of this is Qihoo 360, a Chinese […]
Checkpoint 2016-04-06 22:04:25 Ransomware: Cybercriminals New Attack of Choice (direct link) In recent years, we've seen banker malware as the most prominent threat in the cyber world. However, over the last six months there has been a major change in the cyber threat landscape. Banker malware has been replaced in many cases by the incoming wave of ransomware, which continues to attack users worldwide, severely impacting […]
Checkpoint 2016-04-06 15:00:51 Congrats! More than 7000 applications in your database (direct link) Security managers will appreciate Check Point's Application Control Software Blade. With more than 7000 pre-defined and supported applications, Check Point provides the industry's strongest application security and identity control to organizations of all sizes. It enables IT teams to easily create granular policies—based on users or groups—to identify, block or limit usage of web applications, network protocols […]
Checkpoint 2016-04-05 14:00:48 New Technology Strives to Keep Android Apps and Users Safe (direct link) Mobile applications are intended to be safe for use, protecting users' privacy. However, many of them are poorly designed, accessing unnecessary data and receiving superfluous permissions. In fact, this is done not only by malicious apps but by an astonishingly large portion of all applications. According to research conducted by Check Point of more than […]
Checkpoint 2016-04-04 18:26:27 New Locky Ransomware Variant Implementing Changes in Communication Patterns (direct link) Recently, Check Point published a detailed report describing Locky, an emerging new ransomware threat, which was first reported on February 16, 2016. New characteristics related to its communication have now been observed in the wild. In the past two weeks we have witnessed several changes in Locky communication patterns, as a part of a new […]
Checkpoint 2016-04-04 14:00:38 It's Time to ReThink Security Management (direct link) “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.” R. Buckminster Fuller said those words decades ago, but they still ring true in present times, especially when it comes to the progression and innovation in technology. Here at Check Point, we do […]
Checkpoint 2016-04-01 19:00:08 Angler EK Malvertising via Hacked Revive Adserver (direct link) Malware are spread by various methods such as phishing emails, malicious URLs, and more. One of the most prominent methods is using exploit kits, such as the infamous Angler Exploit Kit (EK), to spread malware to users when they visit infected sites. To cast as wide a net as possible, malware writers try to infect […]
Checkpoint 2016-04-01 16:47:58 Check Point Threat Alert: Ransomware Campaigns Using .JS Inside Archives (direct link) Recently there is a noticeable increase in using JavaScript files inside archives as a means to avoid detection in ransomware campaigns. The campaigns, which distribute various ransomware payloads, generate thousands of spear phishing emails with a demand for payment within 48 hours. These phishing emails include attached archive files (zip / rar) which contain malicious JavaScript […]
Checkpoint 2016-03-31 13:00:12 SideStepper: Bypassing the iOS Gatekeeper to Attack iPhone and iPad Devices (direct link) Check Point disclosed details about SideStepper, a vulnerability that can be used to install malicious enterprise apps on iPhone and iPad devices enrolled with a mobile device management (MDM) solution. The Check Point mobile research team presented details about this vulnerability at Black Hat Asia 2016 in Singapore on April 1, 2016. Click here to download the report. […]
Checkpoint 2016-03-29 17:30:19 Over the Garden Wall: Enterprise Apps Are An Unguarded Path Into iOS (direct link) iOS is supposed to be a secure environment where only certified code can run. That’s why Apple uses its app review to scrutinize each and every app before it makes it onto the App Store. However, there are other paths to distribute apps to iOS devices without going through Apple's review. The first is using […]
Checkpoint 2016-03-29 14:00:48 Unsecure Routers Pose a Serious Risk to Small Businesses (direct link) Today, business cannot operate without an internet connection. Business leaders are more empowered than ever with the resources attainable with the internet, and by keeping security in mind, businesses can make the most of the internet while knowing their data is secure. For many small businesses their survival is dependent on the internet, making it […] Guideline
Checkpoint 2016-03-28 18:20:27 Check Point Threat Alert: SamSam and Maktub Ransomware Evolution (direct link) Executive Summary New and evolving ransomware campaigns, dubbed 'SamSam' and 'Maktub', use techniques not commonly observed in previously known ransomware. SamSam spreads by targeting and infecting servers that contain unpatched vulnerabilities. Maktub and Samsam do not communicate with a C&C server to encrypt files on an infected computer. SamSam's primary target is the healthcare industry. […]
Checkpoint 2016-03-28 14:00:51 Security Management Innovation in Financial Services (direct link) The financial industry is one of the leaders in adopting new technology to service and protect its customers, and recent developments in technology have given the industry countless opportunities to do so even more. Digital systems are now the beating heart of many areas of the financial services business, opening up new communication links across […] Guideline
Checkpoint 2016-03-25 14:00:47 In The Wild: Mobile Security Observations from the Check Point Research Team (direct link) Special thanks to malware analysts Nikita Kazymirsky and Hod Gavriel who contributed to this blog post. Mobile malware learns fast. Many times, these malwares imitate behaviors and trends first seen in the PC world. However, mobile users are much less aware of mobile malware than PC malware. This allows mobile malware to gain momentum and […]
Checkpoint 2016-03-23 19:52:51 New TeslaCrypt Ransomware Spikes on Leap Day, Attempting to Catch Users Off-Guard (direct link) In reviewing recent anomalies in our threat traffic, Omri Givoni, who heads up our Threat Prevention Cloud Group, noticed a spike of more than 100,000 events in our detections on leap day, February 29th, 2016. Zeroing in on the event, we isolated one SHA1 7429b5b4c239cb5380b6d7e4ffa070c4f92f3c79, which strangely did not show any incidents either before or […] Tesla
Checkpoint 2016-03-22 15:00:43 Over the Garden Wall: Jailbreaking Is A Threat to Consumers and Enterprises (direct link) With good reason, Apple is sensitive about the integrity and security of iOS which is purpose-built as a closed and protected environment. This design gives iOS strict control of any code executed on an iPhone or iPad. There are, however, several ways used to bypass Apple's security by design. One of these methods is jailbreaking. […]
Last update at: 2024-04-29 15:07:58